Adobe Releases Another Emergency Security Patch for Flash Player

Only two weeks later, it's already time for another security update for Adobe's Flash player, reports Ars Technica. The culprit this time is a hole in security that lets unsavory coders inject malicious code into both Mac and Windows computers. According to security firm FireEye, it's already responsible for attacks on three nonprofit organizations.

That's not a coincidence. According to the report, this attackers who've exploited the hole have targeted websites focusing on "international security policy, defense topics, and other non-profit sociocultural issues." It gets worse: "The actor either maintains persistence on these sites for extended periods of time or is able to re-compromise them periodically."

The report also hints that we may not have seen the last of the culprit, even with the security breach. "This actor also has early access to a number of zero-day exploits, including Flash and Java, and deploys a variety of malware families on compromised systems. Based on these and other observations, we conclude that this actor has the tradecraft abilities and resources to remain a credible threat in at least the mid-term."

If you have a Mac running Adobe Flash Player version 12.0.0.70 or earlier, you're at risk, so be sure to download the latest update. If you're not sure if you're running the latest edition, you can find out through a link available from Adobe itself.